diff options
| -rw-r--r-- | inc/auth/ldap.class.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/inc/auth/ldap.class.php b/inc/auth/ldap.class.php index bd1322344..d3037e869 100644 --- a/inc/auth/ldap.class.php +++ b/inc/auth/ldap.class.php @@ -180,7 +180,7 @@ class auth_ldap extends auth_basic { msg('LDAP user search: '.htmlspecialchars(ldap_error($this->con)),0,__LINE__,__FILE__); // Don't accept more or less than one response - if($result['count'] != 1){ + if(!is_array($result) || $result['count'] != 1){ return false; //user not found } @@ -220,18 +220,19 @@ class auth_ldap extends auth_basic { if ($this->cnf['grouptree'] && $this->cnf['groupfilter']) { $base = $this->_makeFilter($this->cnf['grouptree'], $user_result); $filter = $this->_makeFilter($this->cnf['groupfilter'], $user_result); - $sr = @ldap_search($this->con, $base, $filter, array($this->cnf['groupkey'])); if(!$sr){ msg("LDAP: Reading group memberships failed",-1); - if($this->cnf['debug']) + if($this->cnf['debug']){ msg('LDAP group search: '.htmlspecialchars(ldap_error($this->con)),0,__LINE__,__FILE__); + msg('LDAP filter was: '.htmlspecialchars($filter),0,__LINE__,__FILE__); + } return false; } $result = ldap_get_entries($this->con, $sr); ldap_free_result($sr); - foreach($result as $grp){ + if(is_array($result)) foreach($result as $grp){ if(!empty($grp[$this->cnf['groupkey']][0])){ if($this->cnf['debug']) msg('LDAP usergroup: '.htmlspecialchars($grp[$this->cnf['groupkey']][0]),0,__LINE__,__FILE__); |